These bills often purport to allow companies and the federal government to “share” threat information for a “cybersecurity” purpose—to protect and defend against attacks against computer systems and networks. But the bills are written broadly enough to permit your communications service providers to identify, obtain, and share your emails and text messages with the government. While business leaders have conceded that they do not need to share personally identifying information to combat computer threats, the bill provides an exception to existing law designed to protect your personal information.

The newly granted powers are intended to thwart computer security threats against a company's rights and property. But the definitions are broad and vague. The terms allow purposes such as guarding against “improper” information modification and ensuring “timely” access to information, functions that are not necessarily tied to attacks.

Once handed over, the government is able to use this information for investigating crimes that are unrelated to the underlying security threat.

The bills' vague definitions like "cybersecurity threat" and "cybersecurity system" also raise the frightening possibility of a company using aggressive countermeasures. In CISPA, if a company wants to combat a threat, it is empowered to use “cybersecurity systems” to identify and obtain “cyber threat information.” But CISPA does not define exactly how far a company can go, leaving it open to the possibility of abuse.

Companies would also be immune from both civil and criminal liability for any action, including but not limited to violating a user’s privacy, as long as the company used the powers granted by CISPA in "good faith." The immunity even extends to "decisions made based on" any information “directly pertaining” to a security threat. The consequences of such a clause are far-reaching.

Update: The final text of CISA is being negotiated right now. Take action here.
CISA passed out of the Senate by a disappointing vote of 74-21 last week. The bill has already passed out of the House, and now it goes to a conference committee to work...

IF THE ZOMBIE HORROR GENRE teaches us anything, it is never to celebrate too soon. Beware the hubris of a character who walks from the graveyard victorious, failing to anticipate an undead hand pushing up through the soil. And so it was with defeat of the Cyber Intelligence Sharing...

Tonight’s Rumble discusses Paul Ryan becoming the next speaker, John Kasich’s lashing out at his rival candidates, and whether Trump is done. Thom talks about the Senate’s passing of the Cybersecurity Information Sharing Act (CISA) with the Electronic Freedom Frontier’s Nadia Kayyali, and in tonight’s Daily Take Thom discusses the...

"With security breaches like T-Mobile, Target, and [the US government's Office of Personnel Management] becoming the norm, Congress knows it needs to do something about cybersecurity," Mark Jaycox of the Electronic Frontier Foundation said in a statement Tuesday. "It chose to do the wrong thing."

Jamie Williams, a fellow at the Electronic Frontier Foundation said "in some sense, I think everyone should care" about the outcome of Nosal's appeal. EFF filed an amicus brief asking that Nosal's computer abuse conviction be overturned, but didn't take a position regarding the other charges.
Williams said that the...